authlib
authlib copied to clipboard
lepture
The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.
**Describe the bug** When using Authlib with requests session, `_guess_grant_type` method is used by `fetch_token` but not by `ensure_active_token` so if one initialises the session without adding the grant_type in...
**Describe the bug** This is a follow-up to #802 and #755. Currently, to find the alg to use to sign id_tokens, Authlib: - use alg is set in `get_jwt_config`_ if...
**Is your feature request related to a problem? Please describe.** Currently, authlib supports the following environment variables for OAuth configurations: ```text {name}_CLIENT_ID {name}_CLIENT_SECRET {name}_REQUEST_TOKEN_URL {name}_REQUEST_TOKEN_PARAMS {name}_ACCESS_TOKEN_URL {name}_ACCESS_TOKEN_PARAMS {name}_AUTHORIZE_URL {name}_AUTHORIZE_PARAMS {name}_API_BASE_URL...
**Is your feature request related to a problem? Please describe.** Authlib appears to assume that each OAuth client will have only one token at a time. However, if your app...
**Describe the "bug"** The authorization code grant error response will contain `invalid_grant` in the `error` field, if an invalid client is used. This is indeed intuitive, but is not documented...
See issue https://github.com/authlib/authlib/issues/516 for details. **What kind of change does this PR introduce?** (check at least one) - [v] Bugfix - [ ] Feature - [ ] Code style update...
